Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution
Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks. Potential attackers could exploit the security flaw found in Linux kernel’s rds_tcp_kill_sock TCP/IP…
Microsoft Office 365 Security Observations
Summary As the number of organizations migrating email services to Microsoft Office 365 (O365) and other cloud services increases, the use of third-party companies that move organizations to the cloud is also increasing. Organizations and their third-party partners need to be aware of the risks…
WhatsApp vulnerability exploited to infect phones with Israeli spyware
Attackers have been exploiting a vulnerability in WhatsApp that allowed them to infect phones with advanced spyware made by Israeli developer NSO Group, the Financial Times reported on Monday, citing the company and a spyware technology dealer. A representative of WhatsApp, which is used by 1.5…
NVIDIA Patches High Severity Windows GPU Display Driver Flaws
NVIDIA issued a security update to fix three high and medium severity security issues in the NVIDIA GPU Display Driver that could lead to code execution, denial of service, escalation of privileges, or information disclosure on vulnerable Windows machines. Even though to abuse the patched flaws…
Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware
Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper. SANS expert Renato Marinho uncovered an ongoing malicious campaign that is targeting vulnerable Apache Jenkins installs to deliver a Monero cryptominer dubbed Kerberods. According to the SANS…
Exploit for Apple iOS version 12.1.3
Following our previous blog post “Analysis and Reproduction of iOS/OSX Vulnerability: CVE-2019-7286” we discussed the details of CVE-2019-7286 vulnerability – a double-free vulnerability that was patched in the previous release of iOS and was actively exploited in the wild. There is no public information about…
Flaws in the design of IoT devices prevent them from notifying homeowners about problems
esign flaws in smart home Internet of Things (IoT) devices that allow third parties to prevent devices from sharing information have been identified by researchers at North Carolina State University. On storage constrained IoT devices, the lack of buffering event notifications and content in embedded channels presents…
Several IoT botnet C2s compromised by a threat actor due to weak credentials
Introduction Most IoT botnets including Mirai and QBot count on getting access to the victim using weak/default credentials. However, a lot of times the threat actors themselves have poor opsec, with weak and default passwords in their command and control server. In theory, another black…
SCADA Shutdown Tool
Overview SCADAShutdownTool is industrial control system automation and testing tool allows security researchers and experts to test SCADA security systems, enumerate slave controllers, read controller’s registers values and rewrite registers data. SCADAShutdownTool allow enumeration of all registers types of a controller include coil outputs, digital…
Vulnerabilities Found in Over 100 Jenkins Plugins
A researcher has discovered vulnerabilities in more than 100 plugins designed for the Jenkins open source software development automation server and many of them have yet to be patched. NCC Group Security Consultant Viktor Gazdag has manually tested hundreds of plugins that extend Jenkins’ functionality…
Stay connected